CVE-2025-40109 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: crypto: rng - Ensure set_ent is always present Ensure that set_ent is always set since only drbg provides it.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/15d6f42da1bb527629d8e1067b1302d58dec9166
https://git.kernel.org/stable/c/17acbcd44fe8dc17dc1072375e76df2d52da6ac8
https://git.kernel.org/stable/c/915cb75983bc5e8b80f8a2f25a4af463f7b18c14
https://git.kernel.org/stable/c/ab172f4f42626549b02bada05f09e3f2b0cc26ec
https://git.kernel.org/stable/c/bd903c25b652c331831226cdf56c8179d18e43f4
https://git.kernel.org/stable/c/c0d36727bf39bb16ef0a67ed608e279535ebf0da
https://git.kernel.org/stable/c/c5c703b50e91dd4748769f4c5ab50d9ad60be370
https://git.kernel.org/stable/c/e247a7d138e514a40edda7c4d72c8bd49bb2cad3
https://lore.kernel.org/linux-cve-announce/2025110904-CVE-2025-40109-23f5@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2025-40109
https://www.cve.org/CVERecord?id=CVE-2025-40109

History

Mon, 10 Nov 2025 12:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025110904-CVE-2025-40109-23f5@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-40109 https://www.cve.org/CVERecord?id=CVE-2025-40109
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`

Mon, 10 Nov 2025 09:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Vendors & Products		Linux Linux linux Kernel

Sun, 09 Nov 2025 04:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: crypto: rng - Ensure set_ent is always present Ensure that set_ent is always set since only drbg provides it.
Title		crypto: rng - Ensure set_ent is always present
References		https://git.kernel.org/stable/c/15d6f42da1bb527629d8e1067b1302d58dec9166 https://git.kernel.org/stable/c/17acbcd44fe8dc17dc1072375e76df2d52da6ac8 https://git.kernel.org/stable/c/915cb75983bc5e8b80f8a2f25a4af463f7b18c14 https://git.kernel.org/stable/c/ab172f4f42626549b02bada05f09e3f2b0cc26ec https://git.kernel.org/stable/c/bd903c25b652c331831226cdf56c8179d18e43f4 https://git.kernel.org/stable/c/c0d36727bf39bb16ef0a67ed608e279535ebf0da https://git.kernel.org/stable/c/c5c703b50e91dd4748769f4c5ab50d9ad60be370 https://git.kernel.org/stable/c/e247a7d138e514a40edda7c4d72c8bd49bb2cad3

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-11-09T04:35:59.979Z

Updated: 2025-11-09T04:35:59.979Z

Reserved: 2025-04-16T07:20:57.167Z

Link: CVE-2025-40109

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-11-09T05:15:46.913

Modified: 2025-11-12T16:19:59.103

Link: CVE-2025-40109

Redhat

Severity : Low

Publid Date: 2025-11-09T00:00:00Z

Links: CVE-2025-40109 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object